Hi Vector,
It sounds like you are on the right track and probably pretty close.
The problem is probably in either your 'radiusd.conf' file or your
'users' file.
In my radiusd.conf file, I use:
authorize {
preprocess
# counter
attr_filter
suffix
files
sql
}
authenticate {
sql
}
In my users file, I have the following:
DEFAULT Auth-Type := Sql
Fall-Through = 1
The important bit (I think) is to have 'files' before 'sql' in the
authorize section so that the "Auth-Type" gets set to 'Sql' in your
'users' file.
Hope this helps.
Vector wrote:
> First off, many thanks to Alan and others for their efforts!
>
> I have freeradius working against the md5 passwords in shadow. So I moved
> on to the next step of getting it to work in MySQL. I read the man pages,
> config files, docs, etc... I also read every single message in the archives
> that had 'sql' in the title and went through the page at the following URL
> which was most helpful in getting started:
> http://www.frontios.com/freeradius.html. Forgive me if I'm just being dense
> on this...it's been a long week.
>
> Now on to the problem. The following is a snip from "radiusd -xx -s" and
> shows the parameters used in sql.conf with some substitued out for generic
> stuff to protect the innocent. The only wierdness here that I can see is
> port="" but since it appears to eventually establish the connection, I'm
> guessing it really knows what port to use.
>
> _____________ BEGIN SNIP ______________
> Module: Loaded SQL
> sql: driver = "rlm_sql_mysql"
> sql: server = "localhost"
> sql: port = ""
> sql: login = "root"
> sql: password = "youwish"
> sql: radius_db = "radius"
> sql: acct_table = "radacct"
> sql: acct_table2 = "radacct"
> sql: authcheck_table = "radcheck"
> sql: authreply_table = "radreply"
> sql: groupcheck_table = "radgroupcheck"
> sql: groupreply_table = "radgroupreply"
> sql: usergroup_table = "usergroup"
> sql: nas_table = "nas"
> sql: dict_table = "dictionary"
> sql: sqltrace = yes
> sql: sqltracefile = "/var/log/radius/sqltrace.sql"
> sql: deletestalesessions = yes
> sql: num_sql_socks = 5
> sql: sql_user_name = "%{Stripped-User-Name}"
> _____________ END SNIP ______________
> ......
> bunch of stuff from other Modules, which all looked OK
> ......
>
> Now here is a snip from an incoming request after the server has said
> "Sleeping until we see a request.":
>
> _____________ BEGIN SNIP ______________
> rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:yyyy, id=34,
> length=80
> NAS-IP-Address = xxx.xxx.xxx.xxx
> NAS-Port = 66
> NAS-Port-Type = Virtual
> User-Name = "testuser"
> Calling-Station-Id = "xxx.xxx.xxx.xxx"
> Password = "<normal escaped character sequences, etc...>"
> rad_rmspace_pair: User-Name now 'testuser'
> rad_rmspace_pair: Password now 'testpass'
> modcall: entering group authorize
> modcall[authorize]: module "preprocess" returns ok
> modcall[authorize]: module "suffix" returns ok
> rlm_sql: Reserving sql socket id: 4
> radius_xlat: ''
> rlm_sql: Released sql socket id: 4
> modcall[authorize]: module "sql" returns fail
> modcall: group authorize returns fail
> There was no response configured: rejecting request 8
> Server rejecting request 8.
> Sending Access-Reject of id 34 to xxx.xxx.xxx.xxx:yyyy
> Finished request 8
> Going to the next request
> --- Walking the entire request list ---
> Waking up in 6 seconds...
> --- Walking the entire request list ---
> Cleaning up request 8 ID 34 with timestamp 3c771525
> Nothing to do. Sleeping until we see a request.
> ______________ END SNIP _______________
>
> So what's the problem? It doesn't look like any SQL queries are getting
> executed. The sqltrace.sql file never shows up in the log directory where
> it is supposed to be (I'm guessing because it never get's to that point).
> It reserves the socket and immediately releases after debug output shows
> radius_xlat: ''
>
> All the traces I've seen in other peoples messages have lots of interesting
> stuff in them like queries and the like. I've check the db uid, pwd, db
> name, and every other parameter I can think of but still nothing.
>
> Also, I've placed into the schema that comes with 0.4 source, some test data
> similar to the references in the URL at the top of this section. I've also
> manually executed the queries found in sql.conf and they appear to return
> the right values (assuming I know what the right values are). I get the
> same thing whether I'm using radtest or the actual NAS I'm using. Any
> suggestions? Thanks so much for your time and for reading (or at least
> scanning) all this!
>
> vec
>
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
